Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/6cb72d-45a7-4490-9c59-93ead35a12ca/1/3SOTukwSWrR1Nu1I7c8QHUHDj5Q.roa
File: 3SOTukwSWrR1Nu1I7c8QHUHDj5Q.roa (raw, json)
Hash identifier: 4YWkgAQs57y3jWp09RgMoPwSBLEZe+2Hmh3qEftE0D8=
Subject key identifier: DD:23:93:BA:4C:12:5A:B4:75:36:ED:48:ED:CF:10:1D:41:C3:8F:94
Certificate issuer: /CN=478d24898d1cf52d23f9561dc6ac0f1363e6c760
Certificate serial: 019420D61BE132199EE3FADBB10484330F64
Authority key identifier: 47:8D:24:89:8D:1C:F5:2D:23:F9:56:1D:C6:AC:0F:13:63:E6:C7:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R40kiY0c9S0j-VYdxqwPE2Pmx2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/6cb72d-45a7-4490-9c59-93ead35a12ca/1/3SOTukwSWrR1Nu1I7c8QHUHDj5Q.roa
Signing time: Wed 01 Jan 2025 07:48:10 +0000
ROA not before: Wed 01 Jan 2025 07:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42718
IP address blocks: 176.117.62.0/24 maxlen: 24
2001:678:3e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/6cb72d-45a7-4490-9c59-93ead35a12ca/1/R40kiY0c9S0j-VYdxqwPE2Pmx2A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/6cb72d-45a7-4490-9c59-93ead35a12ca/1/R40kiY0c9S0j-VYdxqwPE2Pmx2A.mft
rsync://rpki.ripe.net/repository/DEFAULT/R40kiY0c9S0j-VYdxqwPE2Pmx2A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 07:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1b:e1:32:19:9e:e3:fa:db:b1:04:84:33:0f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=478d24898d1cf52d23f9561dc6ac0f1363e6c760
Validity
Not Before: Jan 1 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd2393ba4c125ab47536ed48edcf101d41c38f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a7:de:25:93:84:b4:9d:01:bf:c4:63:b6:af:
3d:6a:14:e3:53:33:6e:c1:56:a3:c1:be:14:93:b3:
6a:43:ce:4a:71:40:82:71:16:c0:4d:35:9d:56:42:
28:de:c3:2b:8d:36:f3:41:86:f6:3c:48:fd:80:ad:
63:1d:ab:c8:1d:d3:c3:4a:bf:b8:5f:4d:88:4e:b7:
51:fc:e9:b7:8c:4a:67:ff:60:50:3e:c7:9a:c5:fa:
db:16:53:ce:7a:e7:4e:14:80:d1:09:2f:7d:14:9f:
a9:54:46:f8:c4:c6:d9:4e:cf:88:c9:04:37:49:9c:
80:89:8b:10:ce:c2:01:18:31:aa:12:43:14:f4:18:
57:23:7d:f8:36:60:e6:14:22:4b:99:73:a4:9e:cf:
c3:f7:ae:6b:0c:74:81:0d:f1:e4:99:65:8c:bb:91:
d8:80:c7:81:5e:a7:81:4d:ba:38:13:9a:74:8c:77:
6e:c7:ee:ef:0f:3d:56:80:15:01:13:ea:9b:56:d9:
73:fe:a5:51:e4:df:7c:df:1f:2f:72:5c:a2:22:3f:
5f:64:59:9f:d0:6e:43:5f:7d:d5:10:6c:14:88:62:
27:e6:d5:d8:d5:67:18:e2:4e:f8:d1:31:7d:96:43:
7d:89:9d:0e:36:18:40:8c:8e:44:a6:62:07:ce:1e:
3f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:23:93:BA:4C:12:5A:B4:75:36:ED:48:ED:CF:10:1D:41:C3:8F:94
X509v3 Authority Key Identifier:
keyid:47:8D:24:89:8D:1C:F5:2D:23:F9:56:1D:C6:AC:0F:13:63:E6:C7:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R40kiY0c9S0j-VYdxqwPE2Pmx2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6cb72d-45a7-4490-9c59-93ead35a12ca/1/3SOTukwSWrR1Nu1I7c8QHUHDj5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6cb72d-45a7-4490-9c59-93ead35a12ca/1/R40kiY0c9S0j-VYdxqwPE2Pmx2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.62.0/24
IPv6:
2001:678:3e0::/48
Signature Algorithm: sha256WithRSAEncryption
07:d5:53:e2:92:89:38:ee:be:0d:31:22:01:af:d9:1c:2e:1a:
31:d9:03:17:e4:a5:47:92:19:21:76:c9:01:29:19:be:0b:d7:
71:67:9f:cd:82:8b:59:d8:83:f0:9c:81:f0:fe:98:0f:bc:d8:
b7:40:b0:fd:ec:f0:21:b0:c0:b2:03:7a:e0:b2:e2:3c:cb:98:
3d:67:5c:b3:53:2f:a4:0c:8c:5a:e7:da:1c:b8:99:5f:a7:ea:
e1:1e:a0:97:f3:dc:53:32:53:d0:71:68:f0:da:19:58:e8:4f:
ec:00:6e:2a:74:e4:3e:0f:e9:56:53:a5:b0:4d:07:a0:f8:9d:
c2:78:ff:80:d2:97:53:8d:15:33:de:bc:45:8e:2b:28:4c:58:
29:f5:7f:82:03:43:9b:36:70:20:a9:57:db:a5:be:4a:fc:fd:
f4:3f:fd:66:82:c6:b7:a4:83:1f:b4:0a:36:ae:93:7b:59:b7:
1f:92:89:65:32:8c:c2:5b:a1:80:69:20:39:02:8e:9a:f4:ec:
ec:13:85:08:0e:fc:bc:8c:f7:a3:ef:ba:77:28:c5:d9:1d:b6:
cd:c9:c2:59:ee:f4:74:39:4f:6d:4d:dc:76:0d:74:d6:18:42:
2b:3c:69:cb:31:aa:63:aa:43:e8:f0:bd:2a:4e:b8:cb:cd:6b:
b1:60:9d:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQg1hvhMhme4/rbsQSEMw9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3OGQyNDg5OGQxY2Y1MmQyM2Y5NTYxZGM2YWMwZjEzNjNl
NmM3NjAwHhcNMjUwMTAxMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDIzOTNiYTRjMTI1YWI0NzUzNmVkNDhlZGNmMTAxZDQxYzM4Zjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qfeJZOEtJ0Bv8Rjtq89ahTjUzNu
wVajwb4Uk7NqQ85KcUCCcRbATTWdVkIo3sMrjTbzQYb2PEj9gK1jHavIHdPDSr+4
X02ITrdR/Om3jEpn/2BQPseaxfrbFlPOeudOFIDRCS99FJ+pVEb4xMbZTs+IyQQ3
SZyAiYsQzsIBGDGqEkMU9BhXI334NmDmFCJLmXOkns/D965rDHSBDfHkmWWMu5HY
gMeBXqeBTbo4E5p0jHdux+7vDz1WgBUBE+qbVtlz/qVR5N983x8vclyiIj9fZFmf
0G5DX33VEGwUiGIn5tXY1WcY4k740TF9lkN9iZ0ONhhAjI5EpmIHzh4/hQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN0jk7pMElq0dTbtSO3PEB1Bw4+UMB8GA1UdIwQY
MBaAFEeNJImNHPUtI/lWHcasDxNj5sdgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjQwa2lZMGM5UzBqLVZZZHhxd1BFMlBteDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy82Y2I3MmQtNDVhNy00NDkwLTljNTkt
OTNlYWQzNWExMmNhLzEvM1NPVHVrd1NXclIxTnUxSTdjOFFIVUhEajVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy82Y2I3MmQtNDVhNy00NDkwLTljNTktOTNlYWQzNWExMmNh
LzEvUjQwa2lZMGM5UzBqLVZZZHhxd1BFMlBteDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsHU+MA8E
AgACMAkDBwAgAQZ4A+AwDQYJKoZIhvcNAQELBQADggEBAAfVU+KSiTjuvg0xIgGv
2RwuGjHZAxfkpUeSGSF2yQEpGb4L13Fnn82Ci1nYg/CcgfD+mA+82LdAsP3s8CGw
wLIDeuCy4jzLmD1nXLNTL6QMjFrn2hy4mV+n6uEeoJfz3FMyU9BxaPDaGVjoT+wA
bip05D4P6VZTpbBNB6D4ncJ4/4DSl1ONFTPevEWOKyhMWCn1f4IDQ5s2cCCpV9ul
vkr8/fQ//WaCxrekgx+0Cjauk3tZtx+SiWUyjMJboYBpIDkCjpr07OwThQgO/LyM
96Pvuncoxdkdts3Jwlnu9HQ5T21N3HYNdNYYQis8acsxqmOqQ+jwvSpOuMvNa7Fg
nRU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:31:27 2025 by rpki-client